-
Notifications
You must be signed in to change notification settings - Fork 407
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How do I create Access Control Level (ACL) list object in bootstrap server and send it to client ? #403
Comments
ACL is not supported for now. For Leshan Client, I didn't think about that so much but it could be possible to create your own ACL object and use it in a custom ObjectEnabler does allow or not allow request on client. For Leshan Bootstrap, this is not implement at all and the current design does not allow to implement it by your own without modifying the Leshan Bootstrap code. Implementing ACL is not in our priority for now but I open an issue #404 about that just to trace the community needs. |
Thanks sbernard31 for the quick response. It would be great if you could provide me with some hint on how to create a custom object enabler at client side ? |
When you create your LeshanClient via LeshanClientBuilder you need to give a list of LwM2mObjectEnabler The easy way is to use ObjectInitializer. But you as you want to add right authorization before to accept request you should create a smarter LwM2mObjectEnabler than the default one. Have look at BaseObjectEnabler or ObjectEnabler. You should probably inherit from one of them to add a way to check ACL. Note that your class will need access to the "ACL ObjectEnabler" or another structure which contains ACL information. This will not be so easy but should be feasible. |
I have created a class named - AccessControlList which extends BaseInstanceEnabler class and added below code in client-demo Bootstrap finished ServersInfo [bootstrap=Bootstrap Server [uri=coaps://localhost:5684], deviceMangements={123=DM Server [uri=coaps://localhost:5674, lifetime=20, binding=U]}]. Please help me on this. |
It seems you try to add ACL support to your client and you test with Leshan bootstrap server which does not support ACL. What did you expect ? oO ? |
Hi Sbernard31, |
Today, ACL is not supported at client and bootstrap server side : https://github.com/eclipse/leshan/wiki/LWM2M-Supported-features ACL is mainly useful if your device is connected to several LWM2M servers and you want to define specific right to each server. (e.g. limit firmware object access to server 1 so this would be the only one to be able to do a firmware update...) Currently Leshan client support maximum 1 LWM2M server, so ACL is not so useful..
Leshan client support only 1 LWM2M server and this server will have all the right on all the client objects. Probably the more common use case. |
Currently Leshan client support maximum 1 LWM2M server, so ACL is not so useful.. |
Hi Ross1503, |
@Ross1503, I'm not sure to understand you but I will try to answer anyway: About Leshan client, it currently supports only 1 LWM2M server at the same time. About bootstrap server, it's possible to use If we talk about the demo |
Hi Team,
I would like to create an ACL object in bootstrap phase which will be later used by leshan server and client.
I want client to support multiple servers, How do I enable this at client side ?
Tried with below ACL configuration changes in LWM2M_Access_Control-v1_0.xml
Added ACL owner as short server id
123
R
Single
Mandatory
Integer
0-65535
Could you please help me in this ?
Thanks,
Muthu
The text was updated successfully, but these errors were encountered: